Information Security & Risk Governance Lead (GRC)

• GRC Lead for APAC regions, including China and India
• People Manager role with a strong track record in leadership
• Reporting line to headquarters in France

about the company
Our client is a multinational company that has a rich history spanning nearly 200 years, a testament to their enduring success in the business world. Headquartered in Paris, France, the company has grown to become one of the world's leading wine and spirits producers. They are a prominent player in the global alcoholic beverage industry, renowned for its extensive brand portfolio, commitment to quality, and dedication to sustainability and social responsibility.

about the job

• Develop, govern and enforce cybersecurity policies, standards, and guidelines to ensure robust security practices.
• Lead evaluations of security and privacy risks, coordinating swift responses to suspected cyber incidents/events.
• Monitor cybersecurity risks and report findings to relevant technical and business executive committees.
• Manage the Information Security GRC team, focusing on all cybersecurity aspects within the designated region, domains, and tech portfolio.
• Proactively drive risk reduction initiatives within the defined scope.
• Ensure effective security measures within the scope of assigned regions, domains, and technology areas.
• Collaborate on cyber strategy and roadmap creation for long-term security goals.
• Drive compliance with internal standards and regional cybersecurity regulations, both internally and externally.

skills and experience required
Minimum of 10 years experience in Governance, Risk, and Compliance (GRC), with a solid understanding of cybersecurity frameworks such as ISO 27001, SOC 2, MITRE ATTACK, and NIST, as well as expertise in penetration testing and security audits.

Skilled in managing incident response, evaluating cybersecurity risks, and conducting vulnerability assessments.

Proven ability to lead a team, with a track record of managing 2-3 direct reports.

Experience working in a regional setting, with the ability to navigate diverse regulatory environments and cultural considerations.

Whats on offer
The permanent opportunity for an Information Security & Risk Governance Lead (GRC), will pay a salary range of $13,000 - $ 15,000 plus benefits. This opportunity offers hybrid working arrangement.

To apply online please use the apply function, alternatively you can reach me at
https://www.linkedin.com/in/Oliviatoh-032330132/. (EA: 94C3609 / R22109942)

Desired Skills and Experience

GRC, information security, governance, compliance, risk, cybersecurity, NIST, ISO 27001, Mitre attack frameworks, vulnerability assessment, risk evaluation, Security Governance and Risk Manager, CEH, CISSP, CISA, CRISC